Danie van der Merwe wrote the following Beitrag Fri, 30 Jan 2026 14:13:21 +0100

Microsoft handed encryption keys for customer data to the government

Microsoft handed encryption keys for customer data to the government

“The FBI went to Microsoft last year with a warrant, asking them to hand over keys to unlock encrypted data stored on three laptops as part of an investigation into potential fraud involving the COVID unemployment assistance program in Guam — and Microsoft complied.”

Two issues are of concern here:

1. Microsoft does indeed have their own encryption keys to your data. Unlike some companies that do not have encryptions keys at all e.g. Proton, and they will only hand over available metadata (such as IP address, connection times, etc) that they have access to when receiving a valid warrant. Microsoft can be legally compelled as it is now known they have keys to decrypt customer data in their cloud.

2. The legal warrant is only going to be a requirement for accessing US citizen or US corporate data. It is not needed for accessing global citizen data or data stored outside the USA, thanks to the CLOUD and PATRIOT Acts. The same will apply for governments with questionable human rights records (or privacy protection) who may also issue legal warrants to access private data from Microsoft.

I can only imagine both the issues above are part of what is driving the EU to have their own cloud services based in the EU where only they control the encryption keys.

See #^Microsoft handed the government encryption keys for customer data

Microsoft complied with a warrant to hand over BitLocker recovery keys to the FBI, and privacy advocates are worried.

# technology # privacy # cloud # microsoft # government # cybersecurity 

Danie van der Merwe wrote the following Beitrag Fri, 30 Jan 2026 14:13:21 +0100

Microsoft handed encryption keys for customer data to the government

Microsoft handed encryption keys for customer data to the government

“The FBI went to Microsoft last year with a warrant, asking them to hand over keys to unlock encrypted data stored on three laptops as part of an investigation into potential fraud involving the COVID unemployment assistance program in Guam — and Microsoft complied.”

Two issues are of concern here:

1. Microsoft does indeed have their own encryption keys to your data. Unlike some companies that do not have encryptions keys at all e.g. Proton, and they will only hand over available metadata (such as IP address, connection times, etc) that they have access to when receiving a valid warrant. Microsoft can be legally compelled as it is now known they have keys to decrypt customer data in their cloud.

2. The legal warrant is only going to be a requirement for accessing US citizen or US corporate data. It is not needed for accessing global citizen data or data stored outside the USA, thanks to the CLOUD and PATRIOT Acts. The same will apply for governments with questionable human rights records (or privacy protection) who may also issue legal warrants to access private data from Microsoft.

I can only imagine both the issues above are part of what is driving the EU to have their own cloud services based in the EU where only they control the encryption keys.

See #^Microsoft handed the government encryption keys for customer data

Microsoft complied with a warrant to hand over BitLocker recovery keys to the FBI, and privacy advocates are worried.

# technology # privacy # cloud # microsoft # government # cybersecurity